CVE Details
Basic Information
| Title | Tenda AC9 cross-site request forgery |
|---|---|
| Type | cve |
| Published | 2025-06-09T22:00:19.518Z |
| Last Seen |
Product Information
| Vendor | Tenda |
|---|---|
| Product | AC9 |
| Version | 15.03.02.13 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A cross-site request forgery (CSRF) vulnerability exists in Tenda AC9 15.03.02.13, allowing remote attackers to perform unauthorized actions via crafted requests. The vulnerability affects an unknown component and can be exploited without authentication. |
|---|---|
| AI Severity | Medium |
| Vendor | Tenda |
| Product | AC9 |
| Affected Version | 15.03.02.13 |
Affected Products
- Tenda AC9 15.03.02.13
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-352, CWE-862 |
| Bulletin Family |
References
- https://vuldb.com/?id.311673
- https://vuldb.com/?ctiid.311673
- https://vuldb.com/?submit.592198
- https://vuldb.com/?submit.592199
- https://candle-throne-f75.notion.site/Tenda-AC9-fromSysToolReboot-20adf0aa1185806a9d20ee5c355c08a6?pvs=73
- https://candle-throne-f75.notion.site/Tenda-AC9-fromSysToolRestoreSet-20adf0aa11858094a25ae21f9b4203da
- https://www.tenda.com.cn/
Description
A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.